Highest Voted 'hsts' Questions - Super User Stack Exchange

4

votes

1 answer

Disable/remove HSTS for a website in chrome

My https not supported website is getting re-directed to https by default. I tried removing hsts entry from chrome net-internal settings but it does not work & the redirection just keeps happening. My website is a subdomain like xxx.yyy.com where…

google-chrome https hsts

asked May 15 '17 at 09:04

Aarish Ramesh

141
1
5

2

votes

0 answers

how to ignore HSTS on Firefox?

am running Firefox 91.11.0esr and intentionally MITM'ing myself with Fiddler Proxy, and it works on websites not using HSTS, but breaks on HSTS sites. How can i tell firefox to ignore HSTS? googling suggest going to about:settings and…

firefox proxy fiddler hsts mitmproxy

asked Jul 04 '22 at 12:44

hanshenrik

1,117
1
15
31

2

votes

4 answers

HSTS not working with Chrome

I have configured Apache to return HSTS header. When connecting to https://lab20.example.com from Google Chrome and running with developer tools I can see the following response header: Strict-Transport-Security:max-age=63072000;…

apache-http-server ssl tls hsts

asked Aug 01 '16 at 06:59

user2913139

131
1
2

1

vote

3 answers

Can not access Netgear EX6200 through www.mywifiext.net

I try to configure a Netgear EX6200, as described on label and other instructions, including: I connect to the wifi that the device provides. I then access "http://www.mywifiext.net". In Chrome, Chromium, Firefox or Edge quietly force a redirect…

networking wireless-networking netgear-router hsts

asked Aug 09 '23 at 23:46

JanErikGunnar

121
4

1

vote

1 answer

how to ignore HSTS on Chrome?

am running Chrome 103.0.5060.66 and intentionally MITM'ing myself with Fiddler Proxy, and it works on websites not using HSTS, but breaks on HSTS sites. How can i tell Chrome to ignore HSTS? example of a website using HSTS: https://www.century21.pt/…

google-chrome proxy fiddler hsts mitmproxy

asked Jul 06 '22 at 16:00

hanshenrik

1,117
1
15
31

1

vote

0 answers

Unable to access Dropbox on desktop due to HSTS?

I am unable to access Dropbox on Windows 10 desktop. I can do it on another Windows 10 computer as well as Android phone on the same Wi-Fi but not on this one desktop through two different ISPs. Tried four different browsers, including Firefox,…

windows-10 dropbox hsts

asked Dec 17 '20 at 01:13

prl77

252
3
9

1

vote

0 answers

WinServer 2019 Standard Https Issue

Recently installed Windows Server 2019 Standard (legit and activated) and migrated my mail server over to this server. I noticed after I was done that I cannot browse the web if the website uses https. Below I attached pictures and I have tried to…

windows google-chrome https windows-server-2019 hsts

asked Aug 06 '20 at 16:33

Shiphted

11
1

1

vote

1 answer

How can I circumvent HSTS on an intranet subdomain?

So, I have control over a small webserver that controls a subdomain of an intranet domain; the domain has HSTS turned on, so I can't connect to my subdomain via HTTP; I also can't use self-signed certificates and HTTPS. I've thought about using…

certificate https intranet hsts

asked Apr 27 '18 at 11:27

user430258

1

vote

0 answers

'Your connection is not secure' on google after update

After update to the latest version of firefox (52.0), when I enter on google.com* I get: Your connection is not secure Without the chance to add an exception. Without luck, I tried: Delete cert8.db and cert_override.txt Adding manually the line…

firefox ssl hsts

asked Mar 14 '17 at 13:37

jotapdiez

111
4

0

votes

1 answer

HTTPS and HSTS headers issue

In my scenario we currently have www3.example.com routing through a few different paths. Could you please advise how we should correct this to be a better approach, possibly just redirecting even? "The HTTP site redirects users to a new URL in a way…

php http amazon-web-services https hsts

asked Apr 08 '22 at 14:24

samtech

11
4

0

votes

0 answers

SSL_ERROR_BAD_CERT_DOMAIN / NET::ERR_CERT_COMMON_NAME_INVALID on mismatched site

I am having a problem where sporadically, I start getting SSL_ERROR_BAD_CERT_DOMAIN errors in Firefox and NET::ERR_CERT_COMMON_NAME_INVALID errors in Chrome on the same sites (so it must be something they share in common, rather than within the…

windows google-chrome firefox ssl hsts

asked Sep 15 '20 at 21:25

Vultan

363
4
9

0

votes

0 answers

Transport header security header (HSTS) is not working with Internet Explorer 11

We are using a self-signed certificate in our application & want to use HSTS header for added security. We access our application using ip or hostname. I found that for HSTS to work, - no certificate errors must be there (installed self-signed…

certificate hsts internet-explorer

asked Aug 28 '18 at 13:06

Abhishek Sharma M

0

votes

0 answers

How am I supposed to reach a captive portal's login page when all my favorite sites use HSTS?

So I wanted to use the WiFi somewhere with a captive portal today. No problem, right? I'll just open my browser, type in www.google.com, and see the login page for the WiFi. Wrong! My browser wants to connect to Google by HTTPS, and that prevents…

wireless-networking ssl https captive-portal hsts

asked Jan 23 '18 at 16:52

Ken Bloom

499
3
11

0

votes

1 answer

How to prevent nginx from sending Strict-Transport-Security header?

I recently added https support to my site with nginx reverse proxy. I do not have add_header Strict-Transport-Security ... line in my config. Even then, I see Strict-Transport-Security: max-age=86400 in response header. If I add add_header…

ssl nginx headers hsts

asked Apr 07 '17 at 11:50

Urmil Parikh

111
1
3

0

votes

0 answers

can't access a web-site with HSTS in SeaMonkey

I'm having MitM, and some stupid websites like Hacker News which have managed to install an HSTS policy prior to MitM can no longer be accessed from SeaMonkey/Firefox. Without HSTS being installed, there's always an option to proceed anyways, but…

firefox https security-warning seamonkey hsts

asked Jun 01 '16 at 20:59

cnst

2,435
6
28
45

Questions tagged [hsts]